Lucene search
+L

883 matches found

OSV
OSV
added 2017/04/19 7:16 a.m.8 views

SUSE-SU-2017:1058-1 Security update for xen

This update for xen fixes the following security issues: - CVE-2017-7228: Broken check in memoryexchange permited PV guest breakout bsc1030442. - CVE-2017-6414: Memory leak in the vcardapdunew function in card7816.c in libcacard allowed local guest OS users to cause a denial of service host memor...

8.2CVSS6.1AI score0.01569EPSS
Exploits2References7
exploitpack
exploitpack
added 2017/04/11 12:0 a.m.53 views

Xen - Broken Check in memory_exchange() Permits PV Guest Breakout

Xen - Broken Check in memoryexchange Permits PV Guest Breakout Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1184 This bug report describes a vulnerability in memoryexchange that permits PV guest kernels to write to an arbitrary virtual address with hypervisor privileges. The...

6.9CVSS0.00406EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2017/04/10 12:0 a.m.46 views

Fedora 25 : xen (2017-054729ab08)

Qemu: 9pfs: host memory leakage via v9fscreate CVE-2017-7377 1437873 x86: broken check in memoryexchange permits PV guest breakout XSA-212, CVE-2017-7228 1438804 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenabl...

8.2CVSS6.5AI score0.01569EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2017/04/07 12:0 a.m.63 views

FreeBSD : xen-kernel -- broken check in memory_exchange() permits PV guest breakout (90becf7c-1acf-11e7-970f-002590263bf5)

The Xen Project reports : The XSA-29 fix introduced an insufficient check on XENMEMexchange input, allowing the caller to drive hypervisor memory accesses outside of the guest provided input/output arrays. A malicious or buggy 64-bit PV guest may be able to access all of system memory, allowing f...

8.2CVSS7.6AI score0.01569EPSS
Exploits2References3
Debian
Debian
added 2016/11/07 6:31 p.m.41 views

[SECURITY] [DSA 3707-1] openjdk-7 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3707-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 07, 2016 https://www.debian.org/security/faq -...

9.6CVSS7.6AI score0.05437EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2016/08/03 12:0 a.m.13 views

PT-2021-3569 · Runc +8 · Runc +8

Name of the Vulnerable Software and Affected Versions: runc versions prior to 1.0.0-rc95 Description: The issue allows a container filesystem breakout via directory traversal. To exploit this, an attacker must be able to create multiple containers with a fairly specific mount configuration. The...

9.3CVSS6.6AI score0.9857EPSS
Exploits55References222
Tenable Nessus
Tenable Nessus
added 2015/11/25 12:0 a.m.245 views

Debian DLA-346-1 : openjdk-6 security update

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform. These vulnerabilities relate to execution of arbitrary code, breakouts of the Java sandbox, information disclosure and denial of service. For Debian 6 'Squeeze', these problems have been fixed ...

10CVSS7AI score0.09991EPSS
Exploits0References19
Debian
Debian
added 2015/11/24 8:56 a.m.44 views

[SECURITY] [DLA 346-1] openjdk-6 security update

Package : openjdk-6 Version : 6b37-1.13.9-1deb6u1 CVE ID : CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4835 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4872 CVE-2015-4881 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4903 CVE-2015-4911 Several...

10CVSS6.9AI score0.09991EPSS
Exploits0
Debian
Debian
added 2015/11/01 10:21 p.m.50 views

[SECURITY] [DSA 3381-2] openjdk-7 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3381-2 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 1, 2015 https://www.debian.org/security/faq -...

10CVSS7AI score0.09991EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/10/30 12:0 a.m.39 views

openSUSE Security Update : the Linux Kernel (openSUSE-2015-686)

The openSUSE 13.2 kernel was updated to receive various security and bugfixes. Following security bugs were fixed : - CVE-2015-3290: arch/x86/entry/entry64.S in the Linux kernel on the x8664 platform improperly relied on espfix64 during nested NMI processing, which allowed local users to gain...

7.2CVSS7AI score0.05059EPSS
Exploits5References21
OSV
OSV
added 2015/10/27 12:0 a.m.26 views

DSA-3381-1 openjdk-7 - security update

Bulletin has no description...

10CVSS5.7AI score0.09991EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.31 views

Amazon Linux: Security Advisory (ALAS-2015-522)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.00609EPSS
Exploits0References2
OSV
OSV
added 2015/07/25 12:0 a.m.45 views

DSA-3316-1 openjdk-7 - security update

Bulletin has no description...

10CVSS7AI score0.9986EPSS
Exploits1
Prion
Prion
added 2015/05/18 3:59 p.m.24 views

Design/Logic Flaw

Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization "mount namespace breakout" and write to arbitrary file on the host system via a symlink attack in an image when respawning a container...

7.2CVSS6.7AI score0.00603EPSS
Exploits0References5Affected Software2
UbuntuCve
UbuntuCve
added 2015/05/18 3:59 p.m.39 views

CVE-2015-3629

Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization "mount namespace breakout" and write to arbitrary file on the host system via a symlink attack in an image when respawning a container...

7.8CVSS7.2AI score0.00603EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2015/05/18 3:0 p.m.34 views

CVE-2015-3629

Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization "mount namespace breakout" and write to arbitrary file on the host system via a symlink attack in an image when respawning a container...

7.8CVSS7.4AI score0.00603EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/05/08 12:0 a.m.34 views

Amazon Linux AMI : docker (ALAS-2015-522)

The file-descriptor passed by libcontainer to the pid-1 process of a container has been found to be opened prior to performing the chroot, allowing insecure open and symlink traversal. This allows malicious container images to trigger a local privilege escalation. CVE-2015-3627 Libcontainer versi...

7.8CVSS6.3AI score0.00609EPSS
Exploits0References5
OSV
OSV
added 2015/04/24 12:0 a.m.40 views

DSA-3234-1 openjdk-6 - security update

Bulletin has no description...

10CVSS5.7AI score0.07224EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/03/26 12:0 a.m.42 views

Debian DLA-96-1 : openjdk-6 security update

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service. For Debian 6 'Squeeze', these problems have been fixed in version...

9.3CVSS7.2AI score0.06118EPSS
Exploits0References23
OpenVAS
OpenVAS
added 2014/07/17 12:0 a.m.37 views

Debian Security Advisory DSA 2980-1 (openjdk-6 - security update)

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service. OpenVAS Vulnerability Test $Id: deb2980.nasl 6663 2017-07-11 09:58:05Z...

9.3CVSS1AI score0.06118EPSS
Exploits0References1
Rows per page
Query Builder